Upgrading From Previous Versions
Upgrading from 2.4.15
* The tools/rehash utility has been fixed, we recommend ALL sites
with the fulldirhash option enabled to run tools/rehash on their
mailspools.
Upgrading from 2.4.14
* We recommend that ALL sites with fulldirhash enabled run
tools/rehash on their mail spools after upgrading from 2.4.14.
There were serious 32 vs 64 bit hashing bugs which were made worse
with 2.4.14. NOTE: the syntax of tools/rehash has changed. Run it
without arguments to see a usage statement.
Upgrading from 2.4.12
* some LOG_DEBUG level messages are no longer created by default in
the duplicate delivery system, so you won't see them in syslog any
more
* mailboxes in the DELETED. heirarchy are now always suppressed for
non-admin users, even if delayed delete is not enabled (see Bug
#3604). If you happen to be using this namespace at your site for
something else, you're crazy - but you can set "deletedprefix" in
imapd.conf to an invalid value (e.g. '-') if you need.
Upgrading from 2.4.11
* To support bug-interoperability with older versions of Cyrus, the
quota command now supports "-1" as a synonym for unlimited storage
Upgrading from 2.4.10
* Duplicate database formats have changed, so any duplicate or
vacation data will be lost - meaning that vacation responses will
be sent again, and duplicates just across the upgrade time will
both get delivered.
Upgrading from 2.4.9
* quota -f now works correctly. If you are upgrading from earlier
than 2.4.9 we recommend that you run quota -f to ensure that all
quotas are now correct. There is a slight race condition in the
quota command, so it's safest to run with the server shut down, but
this has always existed.
* On the topic of quota -f, the documentation has been updated to
make it quite clear that you need to give "complete" prefixes if
using quotalegacy, as it doesn't implement quite the same semantics
as other databases. If you run 'quota -f a' and you have domains
starting with 'a', you will be quite sad at the results. So don't
do that. Running quota -f with no argument, or with a full domain
or full user specification is perfectly safe.
Upgrading from 2.4.8
* CYRUS_PREFIX environemnt varabile. If you have an environment
variable "CYRUS_PREFIX" then config files will be searched for in
there first, so for example the file /var/cyrus/etc/imapd.conf will
override /etc/imapd.conf if your CYRUS_PREFIX is /var/cyrus. This
is to make things easier for sites with multiple installs on a
single machine. You will want to check that there aren't unexpected
files in those locations when upgrading.
* New config options: *_db_path allow moving individual DB files to
different partitions - for example you may want to put the
deliver.db onto tmpfs to improve performance.
* KNOWN BUG: quota -f can double ALL quota usage values for all
users. This is particularly bad because of the bug fixed in this
release where quotaroots were not correctly updated on folder
rename. Recommended workaround: run quota -f twice.
Upgrading from 2.4.7
* New config option: proc_path allows setting the path to the proc
directory onto tmpfs more easily
Upgrading from 2.4.6
* New config option: failedloginpause allows you to change the pause
after a failed login from the existing default of 3 seconds
* On Solaris: now getpassphrase is used, so passwords longer than 8
characters will work with management tools
* $confdir/proc now gets created automatically if it doesn't exist,
which may impact init script design
* If you have damaged mailboxes that weren't previously fixable, a
reconstruct of those mailboxes may be advised
Upgrading from 2.4.5
* New config option: suppress_capabilities, which takes a space
separated list of capabilities which will NOT be given in any imap
capability response. This can be used on frontends to not display
capabilities that older backends don't have, so clients don't get
confused
Upgrading from 2.4.4
* sync_client no longer forks two process - it just pre-forks a
single process in rolling replication mode and uses it "forever".
This is to avoid the bug where it used to open the BDB environment
once before forking, then close it in every child, causing the
reference count to go negative. This also means you can start it
without '-o' and still have the master start without the replica
already running.
Upgrading from 2.4.3
* Actually, it's more upgrading directly to here from 2.3.x or older.
ALL upgrades from previous versions now incur a full re-parse of
all messages, which may take a while. In exchange you get reliable
upgrades though, and guaranteed still-searchable cyrus.cache
records.
Upgrading from 2.4.2
* The AFS ptloader configure options have changed. If you were
previously specifying --with-afs when you built, you'll now want to
use --enable-afs instead. Additionally, you may now specify
--with-afs-libdir and --with-afs-incdir to facilitate finding the
AFS libraries and header files.
* The sync_log_names option has been replaced with sync_log_channels
and the documentation and tools updated to match. This is to use a
less overloaded term and allow multi-channel replication to be
used.
* Cyrus 2.4.3 can now XFER mailboxes back to earlier version (at
least as far back as Cyrus 2.2.12) in a murder configuration.
* sync_client in rolling mode now only connects after forking, so it
no longer blocks startup. You can remove the '-o' option from your
cyrus.conf entry if you want, and not have to start sync_client
manually afterwards!
Upgrading from 2.4.0
* The response to the "ID" command has changed slightly to include
git metadata rather than CVS metadata - so your in-house tools
expecting a particular value may need changing (very unlikely)
Upgrading from 2.3.16
* There is a new index format, so downgrades are not possible without
a reconstruct. We recommend that you take a full backup before
upgrading, and perform an upgrade with a small test server if
possible to make sure everything will work for your site.
* MURDER does work, but you can't rename a mailbox back to a previous
version backend because the index was upgraded.
* There is a new replication protocol, so you can't replicate between
2.4.0 and previous versions in either direction. You need to
upgrade both before you can restart repliation.
* The default value for delayed_expunge has changed to provide better
QRESYNC and replication support. The default is still pretty
efficient, but you may want to change it to 'immediate', the
previous default
* The default type for all databases is now skiplist which is very
reliable now, all the bugs are ironed out! Because ctl_cyrusdb -r
automatically converts databases between known types, you shouldn't
need to do anything, but if you want to keep the old defaults,
you'll need to make them explicit in your imapd.conf as follows:
duplicate_db: berkeley-nosync
ptscache_db: berkeley
statuscache_db: berkeley-nosync
tlscache_db: berkeley-nosync
* There is a new lock folder which defaults to configdir/lock/ and
contains one zerobyte file per mailbox. These can get pretty hot,
and don't need to persist over reboots (they will be auto-created
when needed) - so you may want to define mboxname_lockpath to be on
tmpfs or ramfs or similar. It certainly makes sense to clean it out
on restart, because names will persist in there forever otherwise.
Even on mailbox delete these files aren't removed (to avoid
potential race conditions)
* The make_md5 and make_sha1 utilities no longer exist. If you want
to check message file integrity, the best way is reconstruct -r -n
-G. This will parse every message file, check the sha1 against the
value stored in the cyrus.index, and tell you about mismatches
without fixing them.
* Speaking of reconstruct, the switches have changed, as has the
implementation. It fixes the mailbox "in place" a lot more rather
than creating a new mailbox, meaning that IMAP semantics won't be
broken. It's more likely to abort rather than complete if your
filesystem permissions are wrong - fix them first!
-kRemoved, expunge data is always kept
-gRemoved, GUIDs are always stored
-GChanged, now means "re-parse the message". If not specified,
reconstruct only checks the message size and assumes the rest of
the stuff in the index record is OK (pretty safe because we do
CRC32 checks on index records now)
-sAdded, skip the stat call, so reconstruct doesn't even check the
message file size - just that a file with the correct name exists
at all
-nAdded, don't make any changes, just report what would have been
done if -n wasn't specified
If you try to use -k or -g, you will get a warning but the
reconstruct will still run.
Upgrading from 2.3.15
* The SQL detection code in configure has been reworked. Separate
options for the include directories and lib directories have been
added. Previous SQL options may not work as expected.
Upgrading from 2.3.10
* STARTTLS is now allowed for externally preauth'd LMTP connections.
If you don't want STARTTLS to be advertised and used by preauth'd
clients, you can set <service_name>_tls_cert_file: disabled in
imapd.conf.
Upgrading from 2.3.9
* The method used for generating Globally Unique IDentifiers used for
replication has been changed to be the SHA1 hash of the messages.
If you wish to upgrade the existing GUIDs in particular mailbox(es)
or the entire server, perform the following steps in the listed
order. Note that is is NOT REQUIRED that existing GUIDs be
upgraded.
1. Zero GUIDs on the replica (reconstruct -g)
2. Regenerate GUIDs on the master (reconstruct -G)
3. Regenerate GUIDs on the replica (reconstruct -G)
Upgrading from 2.3.8
* You must install and configure Cyrus SASL version 2.1.17 or later
to use Cyrus IMAP 2.3.9 and later. You can download SASL at
http://www.cyrusimap.org/mediawiki/index.php/Downloads#SASL_Library.
* The default value of the allowplaintext option has been changed to
disabled (0). If you need to allow cleartext passwords on the wire,
then you will have to explicitly enable the allowplaintext option
in imapd.conf.
Upgrading from 2.3.3 or later (64-bit machines)
* Due to byte alignment issues in cyrus.index, all mailboxes will
have to be reconstructed.
Upgrading from 2.3.4 or 2.3.5
* Any mailboxes which had messages appended/delivered/copied with a
2.3.4 service or copied with a 2.3.5 imapd MUST be reconstructed in
order for the new messages to be displayed by clients.
Upgrading from 2.2.x or earlier
* If you wish to use separate metadata partition(s), you MUST first
shut down Cyrus and then perform the following:
1. Set the metapartition-* and metapartition_files options to suit
your configuration. For a full description of these options,
see the imapd.conf(5) man page.
2. Create the metadata partition directory(s) listed in the
metapartition-* option(s), setting the ownership and
permissions in same fashion as step 6 of install-configure.
3. Run the tools/migrate-metadata script (as the cyrus user) to
move the metadata files listed in the metapartition_files
option from the spool partition(s) to the new metadata
partition(s). This script may take a long time to run depending
on the number of mailboxes on the server, but presumably the
metadata partitions are located on high speed storage, so the
writes should be relatively fast.
4. Restart Cyrus.
Upgrading from 2.2.2 or earlier
* The Cyrus database backend configuration is now handled at runtime
using imapd.conf options. If you are not using the default backend
for any of the databases, make sure that you specify the correct
backend(s) in appropriate option(s).
* The format of the newspeer option has been changed. The existing
format will still be parsed, but the option should be upgraded to
use the new format (see imapd.conf(5) for details).
Upgrading from 2.2.1 or earlier
* The sieve bytecode format has changed again to correct an issue
with the short circuiting of the allof and anyof operators. To
upgrade existing scripts (outside of home directories), you can run
the tools/masssievec perl script included with the distribution. It
requires a path to your sievec binary. This should also upgrade
scripts that have already been compiled to bytecode. For example:
masssievec /usr/src/cyrus/sieve/sievec
Upgrading from 2.2.0 or earlier
* The improved directory hashing (fulldirhash) is now a runtime
configuration option. If you are currently using this feature, then
make sure that you enable the fulldirhash option in imapd.conf.
* The format of mailbox index files has changed. They are upgraded on
the fly, so you need to do nothing to upgrade. However, to
downgrade them you will need to remove the cyrus.index files, and
reconstruct the mailboxes, otherwise the index files will be
invalid.
* ctl_deliver -E has been deprecated in favor of cyr_expire -E. This
new tool does both duplicate delivery database pruning as well as
message expunging. You should replace the appropriate EVENTS entry
in cyrus.conf with one of those in the sample configurations in the
master/conf directory.
* The sieve bytecode format has changed. The new format is encoded in
network byte order, and will be transferable between architechures.
To upgrade existing scripts (outside of home directories), you can
run the tools/masssievec perl script included with the
distribution. It requires a path to your sievec binary. This should
also upgrade scripts that have already been compiled to bytecode.
For example:
masssievec /usr/src/cyrus/sieve/sievec
Upgrading from 2.1.x or earlier
General information (ALL SITES)
* The default database formats for the mailbox list and the seen
state databases has been changed to the skiplist backend. There are
two ways of dealing with this if you have been using the defaults.
1. Specify --with-mboxlist-db=berkeley and --with-seen-db=flat to
configure. This will instruct Cyrus to continue to use the
previous defaults.
2. Use the cvt_cyrusdb program to directly convert the databases.
This should be done with the server down, and with the binaries
from the new Cyrus distribution. Change any paths that do not
match your configuration.
For the mailbox list, the command looks like:
/usr/cyrus/bin/cvt_cyrusdb /var/imap/mailboxes.db berkeley /var/imap/mailboxes.db.new skiplist
mv /var/imap/mailboxes.db.new /var/imap/mailboxes.db
Note that the use of full paths to the database files is
important. You should also backup your old mailboxes database
before moving the new one in.
For the seen state databases, the command to get them all in
one fell swoop looks like:
find /var/imap/user -name \*.seen -exec /usr/cyrus/bin/cvt_cyrusdb \{\} flat \{\}.new skiplist \; -exec mv \{\}.new \{\} \;
The slashes are important for shell escaping. Again, you should
back up the contents of your /var/imap/user directory before
executing this command. These commands may take some time to
complete, especially if your databases are large.
We believe that skiplist offers considerable performance advantages
for these two databases over the previous defaults.
* Sieve scripts are now compiled into bytecode. The program sievec is
provided to do this process manually (timsieved will compile
submitted sieve scripts as they are uploaded). To upgrade existing
scripts (outside of home directories), you can run the
tools/masssievec perl script included with the distribution. It
requires a path to your sievec binary. For example:
masssievec /usr/src/cyrus/sieve/sievec
Note that this will fail for scripts that use the "envelope"
extention but do not require it. Cyrus 2.1's timsieved did not do
appropriate checking that the optional envelope test was required
before it was used.
* Configuration subsystem changes:
* The tls_[service]_* configuration options have been removed.
Now use [servicename]_tls_*, where servicename is the service
identifier from cyrus.conf for that particular process.
* The admins and lmtp_admins configuration options no longer
union. Per-service options completely override the default
value when they are specified.
* lmtp_allowplaintext is no longer a defined parameter and must
be specified using the service name of your lmtp process if you
require a specific value.
Specialized information (Murder, AFS, etc.)
* The IMAP IDLE command is now supported by proxyd and is controlled
by the imapidlepoll option, which is enabled by default (60
seconds). To disable IMAP IDLE in proxyd, set imapidlepoll to 0.
* User moves via RENAME and XFER are now controlled by the
allowusermoves option, which defaults to off.
* If you use ptloader, it now runs as a regular cyrus service. This
means that you will need master to acquire and maintain AFS tokens
for it. You will also need to create the ptclient directory under
your imap configdirectory, to hold the PTS cache (now a
full-fledged cyrusdb) and UNIX socket. In cyrus.conf, ptloader
should be setup to listen on <configdirectory>/ptclient/ptsock. See
the master/test/cmu-backend.conf example configuration file.
* Also, ptloader has been given a generic interface. You should now
specify "--with-auth=pts" (instead of "--with-auth=krb_pts") to
configure. There is also a --with-pts= configure option that
defaults to afskrb (Kerberos Canonicalization, AFS PTS Groups).
There is also an experimental ldap module. Note also that if
ptloader fails the lookup, authorization (and therefore
authentication) will now fail, as canonicalization is done inside
of ptloader.
* The format of sieve referrals has changed to be more consistant
with the current managesieve draft, this may cause interoperability
problems when using managesieve clients and servers from different
cyrus versions.
* Clients that use old-style ACL commands that include the "MAILBOX"
directive will no longer function. We do not know of any clients
that have this problem currently.
* Any applications that link libcyrus.a now need to link
libcyrus_min.a as well.
Upgrading from 2.1.13 or earlier
* We are now more forgiving of MIME boundry headers generated by
earlier versions of eudora. However, if you have messages already
in the mailstore that you want to fix you will need to reconstruct
the affected mailboxes to regenerate the cached bodystructure data
to take this into account. Nothing needs to be done for new
messages to be treated in this way.
Upgrading from 2.1.12 or earlier
* timsieved was corrected to behave properly in the altnamespace
configuration. However, this means that it was previously looking
for sieve scripts in "user.name" format instead of the (correct)
"user^name" format. A sample script to do this (which should be run
in the top level of the sieve directory) is in
tools/convert-sieve.pl. Note that this is only needed if you are
running with altnamespace turned on.
Upgrading from 2.1.3 or earlier
* If you use notifications (previously notify_zephyr or notify_unix)
this functionality has been seperated out to notifyd. See the
notifyd manpage and example entries in master/conf.
Upgrading from 2.1.2 or earlier
* Sieve has been updated to be compliant with RFC 3028 and
draft-martin-sieve-notify-01. All notify actions and any fileinto
and/or redirect actions using stringlists will have to be
updated/changed.
Upgrading from 2.0.16 or earlier
* You must install and configure Cyrus SASL version 2 to use Cyrus
IMAP 2.1 and later. You can download SASL at
http://www.cyrusimap.org/mediawiki/index.php/Downloads#SASL_Library.
* If you use timsieved to manage Sieve scripts, and have enabled the
alternate namespace and/or the Unix hierarchy separator, run the
script "tools/translatesieve". This script will translate the
folder names in fileinto actions.
* Cyrus now uses the service name "sieve" instead of "imap" for the
SASL profile of timsieved. If you use timsieved to manage Sieve
scripts, be sure to update your password checking mechanism
appropriately,
* If you have enabled the improved directory hashing scheme, run the
script "tools/rehash full". This script will rehash your existing
directories.
* The hashed deliver databases (used for duplicate delivery
suppression and Sieve) have been merged into a single deliver.db
database. You can safely remove the entire /var/imap/deliverdb
directory structure after shutting down the server.
* All of the Cyrus databases have been unified under a single BDB
environment. A new ctl_cyrusdb tool is now used for database
recovery and checkpointing instead of ctl_mboxlist and ctl_deliver.
You should replace the appropriate START and EVENTS entries in
cyrus.conf with those in the sample configurations in the
master/conf directory.
* Cyrus now caches SSL/TLS sessions in an external database. If you
have support for SSL/TLS, and haven't disabled session caching (see
imapd.conf(5)), you should add a line like the following to the
EVENTS section of cyrus.conf to prune expired sessions from the
database:
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" period=1440
Upgrading from 2.0.6, 2.0.7, 2.0.8, or 2.0.9 or earlier
* If you use timsieved to manage Sieve scripts, run the script
"tools/upgradesieve". timsieved now uses symlinks instead of hard
links.
Upgrading from a previous 2.0 version to 2.0.6
Warning: You do not need to follow these instructions if you're
upgrading from version 1.6.
* You can now pick whether to use Berkeley db to store seen state,
the subscription files, and the mailboxes file or a flat text file,
at compile time only. (Look in imap/seen_db.c and imap/mboxlist.h.)
* The format of the mailboxes file and seen state has changed. It is
not possible to preserve seen state, but upgrade the mailboxes file
as follows:
1. Run ctl_mboxlist -d > mboxlist.temp to dump existing mailboxes.
2. Remove old database files: rm mailboxes.db db/* user/*/*.seen
3. With the new version of ctl_mboxlist, run ctl_mboxlist -u <
mboxlist.temp.
Upgrading from 1.6.22 or 1.6.24
Warning: Cyrus imapd 2.0 will automatically convert on-disk file
formats as the server is used. It is not possible to run 1.6 after 2.0
has been used on a mail spool without reconstructing every mailbox.
* Create some extra directories and remove the duplicate delivery
database:
mkdir /var/imap/db
mkdir /var/imap/socket
chown cyrus /var/imap/db /var/imap/socket
rm -rf /var/imap/deliverdb
* Convert mailboxes file to Berkeley DB:
su cyrus
cd /var/imap
ctl_mboxlist -u < mailboxes
ctl_cyrusdb -c
Please keep a backup of your mailboxes file. You can dump an
old-style mailboxes file by using ctl_mboxlist -d.
* remove "/etc/inetd.conf" entries. The imap and popd3d lines need to
be removed from /etc/inetd.conf and inetd needs to be restarted.
* master process configuration: You'll need to configure the master
process Cyrus process and ensure that it starts on boot. see this
section of the configuration instructions.
* MTA configuration. You will have to reconfigure your MTA to speak
to lmtpd. See this section of the configuration document.
* cyrus.seen conversion. The cyrus.seen file will be automatically
upgraded as users read mail. After some time, you might want to
delete the cyrus.seen file in each mailbox; it is superceded by the
user/joe.seen file.
* cyrus.index conversion. The cyrus.index file will be automatically
upgraded the first time each mailbox is SELECTed.
* Netnews conversion. The netnews programs are no longer built. If
you are using netnews, you will need to apply the diff in the
netnews/ directory to INN or see if INN is now distributing those
changes. You will also want to run remotepurge on a regular basis
to purge old netnews posts.
Upgrading from 1.6.13
* Upgrading from the Cyrus IMAP server version 1.6.13 or earlier: if
you use Sieve, you should run the "tools/upgradesieve" script, as
the format of the "/usr/sieve" directory has changed slightly.
timsieved, included in this release, will handle maintenance of
Sieve scripts.
* Upgrading from the Cyrus IMAP server version 1.6.10 or earlier: if
you export news via the IMAP server, you'll have to change your
"newsfeeds" file to contain
collectnews!:*:Tf,WR:collectnews
The format of the input to collectnews has changed.
Duplicate delivery suppression is now required for Sieve.
* Upgrading from the Cyrus IMAP server version 1.6.1 or earlier
(including 1.5.x!): the quota and user directories are now hashed
by the first character of the username. This is to reduce the
number of entries in any given directory. It doesn't do a great job
(and in some cases it will do a really poor job) but as a quick
hack it shouldn't make things worse. Optionally, the data
partitions can also be hashed by enabling the "hashimapspool"
option.
You must hash your directories using the "dohash" script in the
tools subdirectory. (If you want to hash your mail spool, be sure
to set "hashimapspool" before running "dohash".) This must be run
as the Cyrus user. Be sure to stop mail service while converting.
Doing this in single user mode is probably the safest.
Upgrading from 1.5
* Upgrading from the Cyrus IMAP server version 1.5 or earlier:
libsasl is now required. Configuring SASL to work may be a chore,
especially if you use shadow passwords.
* An ANSI C compiler is now required. gcc should work fine and can be
acquired from http://www.gnu.org/software/gcc/gcc.html.
* Make sure to read the upgrading instructions under 1.6 above.
* Upgrading from 1.5.14 or earlier requires deleting the delivered
database. Remove the file delivered.db in the configdirectory and
make a directory called "deliverdb" in the configdirectory. This
may cause some duplicates to get through.
* Upgrading from 1.5.14 or earlier requires removing the PTS cache
database (if the AFS PTS group support is used, which is not the
default). The PTS cache is in /var/ptclient/ptscache.db, and you
should remove it. This is because the format for the PTS cache for
IMSP has changed. If you use AFS ACLs, IMSPd, and IMAPd on the same
machine, make sure you have version 1.5a5 of the IMSP server for
this version of the IMAP server. (If you don't have IMSP, or AFS,
don't worry about it.)
